Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 109993 - media-gfx/inkscape security updates available
Summary: media-gfx/inkscape security updates available
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.inkscape.org/
Whiteboard: B2 [glsa] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2005-10-20 23:36 UTC by Neil Darlow
Modified: 2005-11-28 02:20 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Neil Darlow 2005-10-20 23:36:11 UTC 
To quote the Inkscape site announcement:

October 9, 2005

Mentalguy has released new point releases of the past two versions of Inkscape
to correct two issues with arbitrary code execution when opening malicious
files. There are no known exploits for this issue, but if you use Inkscape on a
production machine in a manner that invokes files from arbitrary sources, you
may wish to upgrade.


Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2005-11-19 14:59:36 UTC 
Security, any word on this?
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-11-20 00:01:48 UTC 
Graphics please provide an updated ebuild.
Comment 3 Karol Wojtaszek (RETIRED) gentoo-dev 2005-11-22 07:19:46 UTC 
Bumped in portage
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-11-22 09:03:28 UTC 
Arches please test and mark stable.
Comment 5 Markus Rothe (RETIRED) gentoo-dev 2005-11-22 10:31:54 UTC 
stable on ppc64
Comment 6 Simon Stelling (RETIRED) gentoo-dev 2005-11-22 11:20:11 UTC 
amd64 keywording happy hour: get two keywords for the price of one!
Comment 7 Chris White (RETIRED) gentoo-dev 2005-11-22 12:19:39 UTC 
x86 stable.  This program is addictive.
Comment 8 Gustavo Zacarias (RETIRED) gentoo-dev 2005-11-22 12:31:57 UTC 
sparc stable.
Comment 9 Joe Jezak (RETIRED) gentoo-dev 2005-11-27 11:53:49 UTC 
Marked ppc stable.
Comment 10 Thierry Carrez (RETIRED) gentoo-dev 2005-11-28 02:20:30 UTC 
Thx everyone
GLSA 200511-22